You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by oc...@apache.org on 2021/05/04 23:59:09 UTC
[trafficcontrol] branch master updated: Do not depend on Traffic
Ops static web server (#5800)
This is an automated email from the ASF dual-hosted git repository.
ocket8888 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 0fba228 Do not depend on Traffic Ops static web server (#5800)
0fba228 is described below
commit 0fba2281fa1e66091a756f0e900042ec65dae9ff
Author: Zach Hoffman <zr...@apache.org>
AuthorDate: Tue May 4 23:58:51 2021 +0000
Do not depend on Traffic Ops static web server (#5800)
* CDN in a Box: Host GeoIP database and coverage zone file on a non-Traffic Ops server
* Remove references to TO Perl-only parameter tm.logourl
* Do not create /opt/traffic_ops/app/public
* Remove Perl-only cdn.conf option geniso.iso_root_path
* Do not download MaxMind during Postinstall
---
.github/actions/run-ciab/run-ciab.sh | 2 +-
.github/actions/to-integration-tests/cdn.json | 3 --
.github/actions/tp-integration-tests/cdn.json | 3 --
CHANGELOG.md | 2 +
docs/source/admin/quick_howto/kickstart.rst | 9 +++-
docs/source/admin/traffic_ops.rst | 9 ++--
.../admin/traffic_portal/usingtrafficportal.rst | 2 +-
docs/source/api/v1/system_info.rst | 4 ++
docs/source/api/v2/system_info.rst | 1 -
docs/source/api/v3/system_info.rst | 1 -
docs/source/api/v4/cdns_name_snapshot.rst | 6 +--
docs/source/api/v4/cdns_name_snapshot_new.rst | 6 +--
docs/source/api/v4/system_info.rst | 2 -
docs/source/overview/profiles_and_parameters.rst | 4 --
.../cdn-in-a-box/docker-compose.expose-ports.yml | 3 ++
infrastructure/cdn-in-a-box/docker-compose.yml | 12 +++++
infrastructure/cdn-in-a-box/static/Dockerfile | 54 ++++++++++++++++++++++
infrastructure/cdn-in-a-box/static/lighttpd.conf | 41 ++++++++++++++++
infrastructure/cdn-in-a-box/static/run.sh | 46 ++++++++++++++++++
infrastructure/cdn-in-a-box/traffic_ops/Dockerfile | 2 -
.../traffic_ops_data/profiles/000-GLOBAL.json | 9 +---
.../traffic_ops_data/profiles/040-CCR_CIAB.json | 6 +--
traffic_ops/app/conf/cdn.conf | 3 --
traffic_ops/app/public/coverage-zone.json | 18 --------
traffic_ops/build/build_rpm.sh | 2 +-
traffic_ops/build/traffic_ops.spec | 7 +--
traffic_ops/install/bin/_postinstall | 53 +--------------------
traffic_ops/install/bin/_postinstall.pl | 29 ------------
traffic_ops/install/bin/input.json | 4 --
traffic_ops/install/bin/postinstall.test.sh | 28 -----------
.../traffic_ops_golang/config/config_test.go | 3 --
31 files changed, 189 insertions(+), 185 deletions(-)
diff --git a/.github/actions/run-ciab/run-ciab.sh b/.github/actions/run-ciab/run-ciab.sh
index f89b117..ba7f1d0 100755
--- a/.github/actions/run-ciab/run-ciab.sh
+++ b/.github/actions/run-ciab/run-ciab.sh
@@ -28,7 +28,7 @@ store_ciab_logs() {
cd infrastructure/cdn-in-a-box;
logged_services='trafficrouter readiness';
-other_services='dns edge enroller mid-01 mid-02 origin trafficmonitor trafficops trafficstats trafficvault';
+other_services='dns edge enroller mid-01 mid-02 origin static trafficmonitor trafficops trafficstats trafficvault';
docker_compose='docker-compose -f ./docker-compose.yml -f ./docker-compose.readiness.yml';
$docker_compose up -d $logged_services $other_services;
$docker_compose logs -f $logged_services &
diff --git a/.github/actions/to-integration-tests/cdn.json b/.github/actions/to-integration-tests/cdn.json
index 890ade9..a529ccd 100644
--- a/.github/actions/to-integration-tests/cdn.json
+++ b/.github/actions/to-integration-tests/cdn.json
@@ -40,9 +40,6 @@
"secrets": [
"blahblah"
],
- "geniso": {
- "iso_root_path": "/opt/traffic_ops/app/public"
- },
"inactivity_timeout": 60,
"smtp": {
"enabled": true,
diff --git a/.github/actions/tp-integration-tests/cdn.json b/.github/actions/tp-integration-tests/cdn.json
index 0e1c25c..d91f8be 100644
--- a/.github/actions/tp-integration-tests/cdn.json
+++ b/.github/actions/tp-integration-tests/cdn.json
@@ -40,9 +40,6 @@
"secrets": [
"blahblah"
],
- "geniso": {
- "iso_root_path": "/opt/traffic_ops/app/public"
- },
"inactivity_timeout": 60,
"smtp": {
"enabled": true,
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 79239de..c223030 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -87,7 +87,9 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
### Removed
- The Perl implementation of Traffic Ops has been stripped out, along with the Go implementation's "fall-back to Perl" behavior.
+- Traffic Ops no longer includes an `app/public` directory, as the static webserver has been removed along with the Perl Traffic Ops implementation. Traffic Ops also no longer attempts to download MaxMind GeoIP City databases when running the Traffic Ops Postinstall script.
- The `compare` tool stack has been removed, as it no longer serves a purpose.
+- Removed the Perl-only `cdn.conf` option `geniso.iso_root_path`
## [5.1.1] - 2021-03-19
### Added
diff --git a/docs/source/admin/quick_howto/kickstart.rst b/docs/source/admin/quick_howto/kickstart.rst
index 1e191ac..317f118 100644
--- a/docs/source/admin/quick_howto/kickstart.rst
+++ b/docs/source/admin/quick_howto/kickstart.rst
@@ -43,6 +43,13 @@ Generating a System Image
:file:`ks.src` is a standard, Kickstart-formatted file that the will be used to create the Kickstart (ks.cfg) file for the install whenever a system image is generated from the source tree. :file:`ks.src` is a template - it will be overwritten by any information set in the form submitted from :menuselection:`Tools --> Generate ISO` in Traffic Portal. Ultimately, the two are combined to create the final Kickstart file (:file:`ks.cfg`).
-.. Note:: It is highly recommended for ease of use that the system image source trees be kept under 1GB in size.
+.. note:: It is highly recommended for ease of use that the system image source trees be kept under 1GB in size.
.. seealso:: For in-depth instructions, please see `Kickstart Installation <https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-howuse.html>`_ in the Red Hat documentation.
+
+.. _kickstart.files.location:
+
+``kickstart.files.location``
+=============================
+
+The Kickstart root directory used by :ref:`to-overview` (``/var/www/files`` by default) can be changed by setting the ``kickstart.files.location`` :term:`Parameter`.
diff --git a/docs/source/admin/traffic_ops.rst b/docs/source/admin/traffic_ops.rst
index 2b75c57..2d5dd23 100644
--- a/docs/source/admin/traffic_ops.rst
+++ b/docs/source/admin/traffic_ops.rst
@@ -133,8 +133,6 @@ Guide
Database server root (admin) user: postgres
Password for database server admin:
Re-Enter Password for database server admin:
- Download Maxmind Database? [yes]:
- Download Maxmind Database?: yes
===========/opt/traffic_ops/app/conf/cdn.conf===========
Generate a new secret? [yes]:
Generate a new secret?: yes
@@ -165,10 +163,6 @@ Guide
DNS sub-domain for which your CDN is authoritative [cdn1.kabletown.net]: blue-cdn.supercdn.net
DNS sub-domain for which your CDN is authoritative: blue-cdn.supercdn.net
Writing json to /opt/traffic_ops/install/data/json/profiles.json
- Downloading Maxmind data
- --2017-06-11 15:32:41-- http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz
- Resolving geolite.maxmind.com (geolite.maxmind.com)... 2400:cb00:2048:1::6810:262f, 2400:cb00:2048:1::6810:252f, 104.16.38.47, ...
- Connecting to geolite.maxmind.com (geolite.maxmind.com)|2400:cb00:2048:1::6810:262f|:80... connected.
... much SQL output skipped
@@ -325,6 +319,9 @@ This file deals with the configuration parameters of running Traffic Ops itself.
:iso_root_path: Sets the filesystem path to the root of the ISO generation directory. For default installations, this should usually be set to :file:`/opt/traffic_ops/app/public`.
+ .. deprecated:: ATCv6
+ The ``geniso.iso_root_path`` configuration option is unused now that Traffic Ops is rewritten from Perl to Golang and will be removed in a future ATC release.
+
.. seealso:: :ref:`tp-tools-generate-iso`
:hypnotoad: This is a group of options that mainly no longer have any meaning..
diff --git a/docs/source/admin/traffic_portal/usingtrafficportal.rst b/docs/source/admin/traffic_portal/usingtrafficportal.rst
index 97fce1b..18c147a 100644
--- a/docs/source/admin/traffic_portal/usingtrafficportal.rst
+++ b/docs/source/admin/traffic_portal/usingtrafficportal.rst
@@ -670,7 +670,7 @@ Generates a boot-able system image for any of the servers in the Servers table (
Copy Server Attributes From
Optional. This option lets the user choose a server from the Traffic Ops database and will auto-fill the other fields as much as possible based on that server's properties
OS Version
- This list is populated by modifying the :file:`osversions.json` file on the Traffic Ops server. This file maps OS names to the name of a directory under ``app/public/iso/`` directory within the Traffic Ops install directory
+ This list is populated by modifying the :file:`osversions.json` file on the Traffic Ops server. This file maps OS names to the name of a directory under :ref:`kickstart.files.location` (``/var/www/files`` by default).
Hostname
The desired hostname of the resultant system
Domain
diff --git a/docs/source/api/v1/system_info.rst b/docs/source/api/v1/system_info.rst
index 33245c1..f69f7b3 100644
--- a/docs/source/api/v1/system_info.rst
+++ b/docs/source/api/v1/system_info.rst
@@ -38,6 +38,10 @@ Response Structure
:default_geo_miss_latitude: The default latitude used when geographic lookup of an IP address fails
:default_geo_miss_longitude: The default longitude used when geographic lookup of an IP address fails
:tm.logourl: This is the URL of the logo for Traffic Ops and is assumed relative to ``tm.url`` if it is a relative path
+
+ .. deprecated:: ATCv4.0
+ The ``tm.logourl`` field is deprecated and will be removed in a future API version, as Traffic Ops no longer includes a User Interface.
+
:tm.instance_name: The name of the Traffic Ops instance; typically used when multiple instances are active
:tm.toolname: The name of the Traffic Ops tool (usually "Traffic Ops") - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
:tm.url: The URL for this Traffic Ops instance ) - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
diff --git a/docs/source/api/v2/system_info.rst b/docs/source/api/v2/system_info.rst
index 6420040..3d75253 100644
--- a/docs/source/api/v2/system_info.rst
+++ b/docs/source/api/v2/system_info.rst
@@ -37,7 +37,6 @@ Response Structure
:default_geo_miss_latitude: The default latitude used when geographic lookup of an IP address fails
:default_geo_miss_longitude: The default longitude used when geographic lookup of an IP address fails
- :tm.logourl: This is the URL of the logo for Traffic Ops and is assumed relative to ``tm.url`` if it is a relative path
:tm.instance_name: The name of the Traffic Ops instance; typically used when multiple instances are active
:tm.toolname: The name of the Traffic Ops tool (usually "Traffic Ops") - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
:tm.url: The URL for this Traffic Ops instance ) - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
diff --git a/docs/source/api/v3/system_info.rst b/docs/source/api/v3/system_info.rst
index 96f8fbf..db72fc1 100644
--- a/docs/source/api/v3/system_info.rst
+++ b/docs/source/api/v3/system_info.rst
@@ -37,7 +37,6 @@ Response Structure
:default_geo_miss_latitude: The default latitude used when geographic lookup of an IP address fails
:default_geo_miss_longitude: The default longitude used when geographic lookup of an IP address fails
- :tm.logourl: This is the URL of the logo for Traffic Ops and is assumed relative to ``tm.url`` if it is a relative path
:tm.instance_name: The name of the Traffic Ops instance; typically used when multiple instances are active
:tm.toolname: The name of the Traffic Ops tool (usually "Traffic Ops") - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
:tm.url: The URL for this Traffic Ops instance ) - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
diff --git a/docs/source/api/v4/cdns_name_snapshot.rst b/docs/source/api/v4/cdns_name_snapshot.rst
index b8371b0..1266498 100644
--- a/docs/source/api/v4/cdns_name_snapshot.rst
+++ b/docs/source/api/v4/cdns_name_snapshot.rst
@@ -364,17 +364,17 @@ Response Structure
"certificates.polling.interval": "300000",
"consistent.dns.routing": "true",
"coveragezone.polling.interval": "3600000",
- "coveragezone.polling.url": "https://trafficops.infra.ciab.test:443/coverage-zone.json",
+ "coveragezone.polling.url": "https://static.infra.ciab.test:443/coverage-zone.json",
"dnssec.dynamic.response.expiration": "300s",
"dnssec.enabled": "false",
"domain_name": "mycdn.ciab.test",
"federationmapping.polling.interval": "60000",
"federationmapping.polling.url": "https://${toHostname}/api/2.0/federations/all",
"geolocation.polling.interval": "86400000",
- "geolocation.polling.url": "https://trafficops.infra.ciab.test:443/GeoLite2-City.mmdb.gz",
+ "geolocation.polling.url": "https://static.infra.ciab.test:443/GeoLite2-City.mmdb.gz",
"keystore.maintenance.interval": "300",
"neustar.polling.interval": "86400000",
- "neustar.polling.url": "https://trafficops.infra.ciab.test:443/neustar.tar.gz",
+ "neustar.polling.url": "https://static.infra.ciab.test:443/neustar.tar.gz",
"soa": {
"admin": "twelve_monkeys",
"expire": "604800",
diff --git a/docs/source/api/v4/cdns_name_snapshot_new.rst b/docs/source/api/v4/cdns_name_snapshot_new.rst
index 066e5de..7a78dc5 100644
--- a/docs/source/api/v4/cdns_name_snapshot_new.rst
+++ b/docs/source/api/v4/cdns_name_snapshot_new.rst
@@ -364,17 +364,17 @@ Response Structure
"certificates.polling.interval": "300000",
"consistent.dns.routing": "true",
"coveragezone.polling.interval": "3600000",
- "coveragezone.polling.url": "https://trafficops.infra.ciab.test:443/coverage-zone.json",
+ "coveragezone.polling.url": "https://static.infra.ciab.test:443/coverage-zone.json",
"dnssec.dynamic.response.expiration": "300s",
"dnssec.enabled": "false",
"domain_name": "mycdn.ciab.test",
"federationmapping.polling.interval": "60000",
"federationmapping.polling.url": "https://${toHostname}/api/2.0/federations/all",
"geolocation.polling.interval": "86400000",
- "geolocation.polling.url": "https://trafficops.infra.ciab.test:443/GeoLite2-City.mmdb.gz",
+ "geolocation.polling.url": "https://static.infra.ciab.test:443/GeoLite2-City.mmdb.gz",
"keystore.maintenance.interval": "300",
"neustar.polling.interval": "86400000",
- "neustar.polling.url": "https://trafficops.infra.ciab.test:443/neustar.tar.gz",
+ "neustar.polling.url": "https://static.infra.ciab.test:443/neustar.tar.gz",
"soa": {
"admin": "twelve_monkeys",
"expire": "604800",
diff --git a/docs/source/api/v4/system_info.rst b/docs/source/api/v4/system_info.rst
index 2ffe922..3ae6cc5 100644
--- a/docs/source/api/v4/system_info.rst
+++ b/docs/source/api/v4/system_info.rst
@@ -37,7 +37,6 @@ Response Structure
:default_geo_miss_latitude: The default latitude used when geographic lookup of an IP address fails
:default_geo_miss_longitude: The default longitude used when geographic lookup of an IP address fails
- :tm.logourl: This is the URL of the logo for Traffic Ops and is assumed relative to ``tm.url`` if it is a relative path
:tm.instance_name: The name of the Traffic Ops instance; typically used when multiple instances are active
:tm.toolname: The name of the Traffic Ops tool (usually "Traffic Ops") - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
:tm.url: The URL for this Traffic Ops instance ) - used in several API endpoints and written in comment headers on most Apache Traffic Server (ATS) configuration files generated by Traffic Ops
@@ -75,7 +74,6 @@ Response Structure
"default_geo_miss_latitude": "0",
"default_geo_miss_longitude": "-1",
"tm.instance_name": "CDN-In-A-Box",
- "tm.logourl": "/images/tc_logo.png",
"tm.toolname": "Traffic Ops",
"tm.url": "https://trafficops.infra.ciab.test:443/",
"use_reval_pending": "0",
diff --git a/docs/source/overview/profiles_and_parameters.rst b/docs/source/overview/profiles_and_parameters.rst
index 7fe3e86..8ed2b5b 100644
--- a/docs/source/overview/profiles_and_parameters.rst
+++ b/docs/source/overview/profiles_and_parameters.rst
@@ -188,8 +188,6 @@ There is a special Profile of Type_ UNK_PROFILE that holds global configuration
+--------------------------+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------+
| tm.infourl | global | This is the "for more information go here" URL, which used to be visible in the "About" page of the now-deprecated Traffic Ops UI. |
+--------------------------+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------+
- | tm.logourl | global | This is the URL of the logo for Traffic Ops and can be relative if the logo is under :file:`traffic_ops/app/public`. |
- +--------------------------+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------+
| tm.instance_name | global | The name of the Traffic Ops instance - typically to distinguish instances when multiple are active. |
+--------------------------+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------+
| tm.traffic_mon_fwd_proxy | global | When collecting stats from Traffic Monitor, Traffic Ops will use this forward proxy instead of the actual Traffic Monitor host. |
@@ -224,8 +222,6 @@ There is a special Profile of Type_ UNK_PROFILE that holds global configuration
+--------------------------+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------+
-.. note:: Since the Traffic Ops UI has been removed, the tm.logourl has no real meaning, and in fact most Traffic Ops distributions neither set this :ref:`Parameter <parameters>`, nor provide a logo.
-
Some of these Parameters_ have the `Config File`_ value global_, while others have `CRConfig.json`_. This is not a typo, and the distinction is that those that use global_ are typically configuration options relating to Traffic Control as a whole or to Traffic Ops itself, whereas `CRConfig.json`_ is used by configuration options that are set globally, but pertain mainly to routing and are thus communicated to Traffic Routers through :term:`CDN Snapshots` (which historically were called " [...]
When a :ref:`Parameter <parameters>` has a `Config File`_ value that *isn't* one of global_ or `CRConfig.json`_, it refers to the global configuration of said `Config File`_ across all servers that use it across all CDNs configured in Traffic Control. This can be used to easily apply extremely common configuration to a great many servers in one place.
diff --git a/infrastructure/cdn-in-a-box/docker-compose.expose-ports.yml b/infrastructure/cdn-in-a-box/docker-compose.expose-ports.yml
index 7a8a034..b45b52d 100644
--- a/infrastructure/cdn-in-a-box/docker-compose.expose-ports.yml
+++ b/infrastructure/cdn-in-a-box/docker-compose.expose-ports.yml
@@ -71,3 +71,6 @@ services:
smtp:
ports:
- "4443:443"
+ static:
+ ports:
+ - "9443:443"
diff --git a/infrastructure/cdn-in-a-box/docker-compose.yml b/infrastructure/cdn-in-a-box/docker-compose.yml
index f1d21d3..a3b258e 100644
--- a/infrastructure/cdn-in-a-box/docker-compose.yml
+++ b/infrastructure/cdn-in-a-box/docker-compose.yml
@@ -286,6 +286,18 @@ services:
- shared:/shared
domainname: infra.ciab.test
+ # static provides the MaxMind databases and coverage-zone.json, which used to be served by Traffic Ops Perl.
+ static:
+ build:
+ context: ../..
+ dockerfile: infrastructure/cdn-in-a-box/static/Dockerfile
+ domainname: infra.ciab.test
+ hostname: static
+ env_file:
+ - variables.env
+ volumes:
+ - shared:/shared
+
volumes:
schemas:
external: false
diff --git a/infrastructure/cdn-in-a-box/static/Dockerfile b/infrastructure/cdn-in-a-box/static/Dockerfile
new file mode 100644
index 0000000..d70f7d6
--- /dev/null
+++ b/infrastructure/cdn-in-a-box/static/Dockerfile
@@ -0,0 +1,54 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+############################################################
+# Dockerfile to build Mid-Tier Cache container images for
+# Apache Traffic Control
+############################################################
+
+FROM alpine:3.13
+
+RUN apk add --no-cache \
+ bash \
+ bind-tools \
+ curl \
+ # gettext contains envsubst for to-enroll
+ gettext \
+ jq \
+ lighttpd \
+ net-tools && \
+ rm -rf /sbin/route \
+ /etc/lighttpd/lighttpd.conf \
+ /var/www/localhost/
+
+COPY traffic_router/core/src/test/resources/czmap.json \
+ traffic_router/core/src/test/resources/geo/GeoLite2-City.mmdb.gz \
+ /var/www/html/
+
+COPY infrastructure/cdn-in-a-box/static/lighttpd.conf /etc/lighttpd/
+COPY infrastructure/cdn-in-a-box/static/run.sh \
+ infrastructure/cdn-in-a-box/traffic_ops/to-access.sh \
+ infrastructure/cdn-in-a-box/enroller/server_template.json \
+ /
+
+COPY infrastructure/cdn-in-a-box/dns/set-dns.sh \
+ infrastructure/cdn-in-a-box/dns/insert-self-into-dns.sh \
+ /usr/local/sbin/
+
+EXPOSE 80
+
+CMD /run.sh
diff --git a/infrastructure/cdn-in-a-box/static/lighttpd.conf b/infrastructure/cdn-in-a-box/static/lighttpd.conf
new file mode 100644
index 0000000..ff94a52
--- /dev/null
+++ b/infrastructure/cdn-in-a-box/static/lighttpd.conf
@@ -0,0 +1,41 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+server.document-root = "/var/www/html/"
+
+server.port = 443
+
+mimetype.assign = (
+ ".html" => "text/html",
+ ".svg" => "image/svg+xml"
+)
+
+index-file.names = ( "index.html" )
+
+
+# CORS Headers
+server.modules += ( "mod_setenv", "mod_openssl")
+setenv.add-response-header = (
+ "Cache-Control" => "public, max-age=300",
+ "Access-Control-Allow-Origin" => "*",
+ "Access-Control-Allow-Headers" => "Accept, Origin, Content-Type",
+ "Access-Control-Allow-Methods" => "GET, POST, PUT, OPTIONS"
+)
+
+ssl.engine = "enable"
+ssl.pemfile = "/etc/lighttpd/${INFRA_FQDN}.pem"
+ssl.ca-file = "${X509_CA_CERT_FULL_CHAIN_FILE}"
diff --git a/infrastructure/cdn-in-a-box/static/run.sh b/infrastructure/cdn-in-a-box/static/run.sh
new file mode 100755
index 0000000..e5f3b22
--- /dev/null
+++ b/infrastructure/cdn-in-a-box/static/run.sh
@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+set -eux
+
+. /to-access.sh
+set-dns.sh
+insert-self-into-dns.sh
+
+# Wait on SSL certificate generation
+until [[ -f "$X509_CA_ENV_FILE" ]]
+do
+ echo "Waiting on Shared SSL certificate generation"
+ sleep 3
+done
+
+# Source the CIAB-CA shared SSL environment
+until [[ -n "${X509_GENERATION_COMPLETE:-}" ]]; do
+ echo "Waiting on X509 vars to be defined"
+ sleep 1
+ source "$X509_CA_ENV_FILE"
+done
+
+source /to-access.sh
+cat "$X509_INFRA_KEY_FILE" "$X509_INFRA_CERT_FILE" > "/etc/lighttpd/${INFRA_FQDN}.pem"
+
+conf_file=/etc/lighttpd/lighttpd.conf
+echo "$(<"$conf_file" envsubst)" > "$conf_file"
+lighttpd -t -f "$conf_file"
+exec lighttpd -D -f "$conf_file"
diff --git a/infrastructure/cdn-in-a-box/traffic_ops/Dockerfile b/infrastructure/cdn-in-a-box/traffic_ops/Dockerfile
index 938b984..9ad9e3c 100644
--- a/infrastructure/cdn-in-a-box/traffic_ops/Dockerfile
+++ b/infrastructure/cdn-in-a-box/traffic_ops/Dockerfile
@@ -91,8 +91,6 @@ RUN set -o nounset -o errexit && \
EXPOSE 443
-ADD traffic_router/core/src/test/resources/geo/GeoLite2-City.mmdb.gz /opt/traffic_ops/app/public/
-
WORKDIR /opt/traffic_ops/app
ADD traffic_ops/install/bin/install_goose.sh ./
RUN ./install_goose.sh && rm ./install_goose.sh
diff --git a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/000-GLOBAL.json b/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/000-GLOBAL.json
index ab37c5b..d65fca5 100644
--- a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/000-GLOBAL.json
+++ b/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/000-GLOBAL.json
@@ -10,24 +10,19 @@
"configFile": "global"
},
{
- "value": "/images/tc_logo.png",
- "configFile": "global",
- "name": "tm.logourl"
- },
- {
"configFile": "global",
"name": "tm.instance_name",
"value": "CDN-In-A-Box"
},
{
- "value": "https://trafficops.infra.ciab.test/GeoLite2-City.mmdb.gz",
+ "value": "https://static.infra.ciab.test/GeoLite2-City.mmdb.gz",
"configFile": "CRConfig.json",
"name": "geolocation.polling.url"
},
{
"name": "geolocation6.polling.url",
"configFile": "CRConfig.json",
- "value": "https://trafficops.infra.ciab.test/GeoLite2-City.mmdb.gz"
+ "value": "https://static.infra.ciab.test/GeoLite2-City.mmdb.gz"
},
{
"value": "Traffic Ops",
diff --git a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/040-CCR_CIAB.json b/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/040-CCR_CIAB.json
index 8d905ef..06eeefa 100644
--- a/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/040-CCR_CIAB.json
+++ b/infrastructure/cdn-in-a-box/traffic_ops_data/profiles/040-CCR_CIAB.json
@@ -13,7 +13,7 @@
{
"configFile": "CRConfig.json",
"name": "geolocation.polling.url",
- "value": "https://trafficops.infra.ciab.test:443/GeoLite2-City.mmdb.gz"
+ "value": "https://static.infra.ciab.test/GeoLite2-City.mmdb.gz"
},
{
"configFile": "CRConfig.json",
@@ -28,7 +28,7 @@
{
"configFile": "CRConfig.json",
"name": "coveragezone.polling.url",
- "value": "https://trafficops.infra.ciab.test:443/coverage-zone.json"
+ "value": "https://static.infra.ciab.test/czmap.json"
},
{
"configFile": "CRConfig.json",
@@ -138,7 +138,7 @@
{
"configFile": "CRConfig.json",
"name": "neustar.polling.url",
- "value": "https://trafficops.infra.ciab.test:443/neustar.tar.gz"
+ "value": "https://static.infra.ciab.test/neustar.tar.gz"
},
{
"configFile": "CRConfig.json",
diff --git a/traffic_ops/app/conf/cdn.conf b/traffic_ops/app/conf/cdn.conf
index d3f04b6..09bde2f 100644
--- a/traffic_ops/app/conf/cdn.conf
+++ b/traffic_ops/app/conf/cdn.conf
@@ -65,9 +65,6 @@
"secrets" : [
"mONKEYDOmONKEYSEE."
],
- "geniso" : {
- "iso_root_path" : "/opt/traffic_ops/app/public"
- },
"inactivity_timeout" : 60,
"smtp" : {
"enabled" : false,
diff --git a/traffic_ops/app/public/coverage-zone.json b/traffic_ops/app/public/coverage-zone.json
deleted file mode 100644
index 2a1f22e..0000000
--- a/traffic_ops/app/public/coverage-zone.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "coverageZones":
- {
- "cache-group-01":
- {
- "network6":
- [
- "1234:5678::/64",
- "1234:5679::/64"
- ],
- "network":
- [
- "192.168.8.0/24",
- "192.168.9.0/24"
- ]
- }
- }
-}
\ No newline at end of file
diff --git a/traffic_ops/build/build_rpm.sh b/traffic_ops/build/build_rpm.sh
index 06c781b..44cb4b5 100755
--- a/traffic_ops/build/build_rpm.sh
+++ b/traffic_ops/build/build_rpm.sh
@@ -82,7 +82,7 @@ initBuildArea() {
rsync -av etc install "$dest"/ || \
{ echo "Could not copy to $dest: $?"; return 1; }
- if ! (cd app; rsync -av bin conf db public script templates "${dest}/app"); then
+ if ! (cd app; rsync -av bin conf db script templates "${dest}/app"); then
echo "Could not copy to $dest/app"
return 1
fi
diff --git a/traffic_ops/build/traffic_ops.spec b/traffic_ops/build/traffic_ops.spec
index a04bc30..92fc640 100644
--- a/traffic_ops/build/traffic_ops.spec
+++ b/traffic_ops/build/traffic_ops.spec
@@ -106,10 +106,6 @@ echo "go rming $RPM_BUILD_ROOT/%{PACKAGEDIR}/{pkg,src,bin}"
%__mkdir -p $RPM_BUILD_ROOT/var/www/files
%__cp install/data/json/osversions.json $RPM_BUILD_ROOT/var/www/files/.
-if [ ! -d $RPM_BUILD_ROOT/%{PACKAGEDIR}/app/public/routing ]; then
- %__mkdir -p $RPM_BUILD_ROOT/%{PACKAGEDIR}/app/public/routing
-fi
-
# install traffic_ops_golang binary
if [ ! -d $RPM_BUILD_ROOT/%{PACKAGEDIR}/app/bin ]; then
%__mkdir -p $RPM_BUILD_ROOT/%{PACKAGEDIR}/app/bin
@@ -134,7 +130,7 @@ echo -e "\nBacking up config files.\n"
if [ -f /var/tmp/traffic_ops-backup.tar ]; then
%__rm /var/tmp/traffic_ops-backup.tar
fi
-cd %{PACKAGEDIR} && tar cf /var/tmp/traffic_ops-backup.tar app/public/routing app/conf app/db/dbconf.yml app/local app/cpanfile.snapshot
+cd %{PACKAGEDIR} && tar cf /var/tmp/traffic_ops-backup.tar app/conf app/db/dbconf.yml app/local app/cpanfile.snapshot
fi
# upgrade
@@ -222,6 +218,5 @@ fi
%{PACKAGEDIR}/app/bin/checks
%{PACKAGEDIR}/app/bin/tests
%{PACKAGEDIR}/app/db
-%{PACKAGEDIR}/app/public
%{PACKAGEDIR}/app/templates
%{PACKAGEDIR}/install
diff --git a/traffic_ops/install/bin/_postinstall b/traffic_ops/install/bin/_postinstall
index f4a22b0..e073b9f 100755
--- a/traffic_ops/install/bin/_postinstall
+++ b/traffic_ops/install/bin/_postinstall
@@ -231,8 +231,7 @@ DEFAULTS = {
],
DB_CONF_FILE: [
Question("Database server root (admin) user", "postgres", "pgUser"),
- Question("Password for database server admin", "", "pgPassword", hidden=True),
- Question("Download Maxmind Database?", "yes", "maxmind")
+ Question("Password for database server admin", "", "pgPassword", hidden=True)
],
CDN_CONF_FILE: [
Question("Generate a new secret?", "yes", "genSecret"),
@@ -711,50 +710,6 @@ def unmarshal_config(dct): # type: (dict) -> dict[str, list[Question]]
return ret
-def setup_maxmind(maxmind_answer, root, download_tool = '/usr/bin/wget'): # type: (str, str, str) -> None
- """
- If 'maxmind_answer' is a truthy response ('y' or 'yes' (case-insensitive), sets up a Maxmind
- database using `wget`.
- """
- if maxmind_answer.lower() not in {'y', 'yes'}:
- logging.info("Not downloading Maxmind data")
- return
-
- os.chdir(os.path.join(root, 'opt/traffic_ops/app/public/routing'))
-
- def failed_download(e, ip_version): # type: (Exception, int) -> None
- logging.error("Failed to download MaxMind data")
- logging.debug("(ipv%d) Exception: %s", ip_version, e)
-
- cmd = [download_tool, "https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz"]
- # Perl ignored errors downloading the databases, so we do too
- try:
- subprocess.check_call(
- cmd,
- stderr=subprocess.PIPE,
- stdout=subprocess.PIPE,
- universal_newlines=True
- )
- except (subprocess.CalledProcessError, OSError) as e:
- failed_download(e, 4)
- except subprocess.SubprocessError as e:
- failed_download(e, 4)
-
- cmd[1] = (
- "https://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz"
- )
- try:
- subprocess.check_call(
- cmd,
- stderr=subprocess.PIPE,
- stdout=subprocess.PIPE,
- universal_newlines=True
- )
- except (subprocess.CalledProcessError, OSError) as e:
- failed_download(e, 6)
- except subprocess.SubprocessError as e:
- failed_download(e, 6)
-
def exec_openssl(description, *cmd_args): # type: (str, ...) -> bool
"""
Executes openssl with the supplied command-line arguments.
@@ -1312,12 +1267,6 @@ no_database, # type: bool
return 1
try:
- setup_maxmind(todbconf.get("maxmind", "no"), root_dir)
- except OSError as e:
- logging.critical("Setting up MaxMind: %s", e)
- return 1
-
- try:
cert_code = setup_certificates(opensslconf, root_dir, ops_user, ops_group)
if cert_code:
return cert_code
diff --git a/traffic_ops/install/bin/_postinstall.pl b/traffic_ops/install/bin/_postinstall.pl
index e56498d..b530173 100755
--- a/traffic_ops/install/bin/_postinstall.pl
+++ b/traffic_ops/install/bin/_postinstall.pl
@@ -445,10 +445,6 @@ sub getDefaults {
"Password for database server admin" => "",
"config_var" => "pgPassword",
"hidden" => "true"
- },
- {
- "Download Maxmind Database?" => "yes",
- "config_var" => "maxmind"
}
],
$cdnConfFile => [
@@ -651,30 +647,6 @@ sub invoke_db_admin_pl {
return $result;
}
-sub setupMaxMind {
- my $setupMaxmind = shift;
-
- my $result;
-
- if ( $setupMaxmind =~ /^y(?:es)?/ ) {
- InstallUtils::logger( "Downloading Maxmind data", "info" );
- chdir("/opt/traffic_ops/app/public/routing");
- $result = InstallUtils::execCommand("/usr/bin/wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz");
- if ( $result != 0 ) {
- InstallUtils::logger( "Failed to download MaxMind data", "error" );
- }
-
- $result = InstallUtils::execCommand("/usr/bin/wget https://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz");
- if ( $result != 0 ) {
- InstallUtils::logger( "Failed to download MaxMind data", "error" );
- }
- }
- else {
- InstallUtils::logger("Not downloading Maxmind data");
- }
-
-}
-
sub setupCertificates {
my $opensslconf = shift;
@@ -918,7 +890,6 @@ sub main {
InstallUtils::writeJson( $post_install_cfg, {} );
}
- setupMaxMind( $todbconf->{"maxmind"} );
setupCertificates( $opensslconf );
generateCdnConf( \%userInput, $cdnConfFile );
diff --git a/traffic_ops/install/bin/input.json b/traffic_ops/install/bin/input.json
index c35fdae..1fcfa1c 100644
--- a/traffic_ops/install/bin/input.json
+++ b/traffic_ops/install/bin/input.json
@@ -76,10 +76,6 @@
"Database server admin password": "dbpass",
"config_var": "pgPassword",
"hidden": "1"
- },
- {
- "Download Maxmind Database?": "no",
- "config_var": "maxmind"
}
],
"/opt/traffic_ops/install/data/json/openssl_configuration.json": [
diff --git a/traffic_ops/install/bin/postinstall.test.sh b/traffic_ops/install/bin/postinstall.test.sh
index d4f7cb5..024ec8d 100755
--- a/traffic_ops/install/bin/postinstall.test.sh
+++ b/traffic_ops/install/bin/postinstall.test.sh
@@ -124,34 +124,11 @@ from os.path import dirname, join
module_name = '_postinstall'
download_tool = '/does/not/exist'
root = '${ROOT_DIR}'
-unexpected_exception_message = 'Unexpected exception type {exception_type} raised from setup_maxmind()'
-uncaught_exception_message = 'Expected exception of type {exception_type} to be caught for download_tool "{download_tool}" within setup_maxmind(), but none was raised.'
if sys.version_info.major >= 3:
import importlib
from importlib.machinery import SourceFileLoader
_postinstall = SourceFileLoader(module_name, join(dirname(__file__), module_name)).load_module(module_name)
- try:
- _postinstall.setup_maxmind('yes', root, download_tool)
- except subprocess.SubprocessError as e:
- print(uncaught_exception_message.format(exception_type=type(e).__name, download_tool=download_tool), file=sys.stderr)
- exit(1)
- except Exception as e:
- print(unexpected_exception_message.format(exception_type=type(e).__name__), file=sys.stderr)
- exit(1)
-else:
- import imp
- _postinstall = imp.load_source(module_name, join(dirname(__file__), module_name))
-
- try:
- _postinstall.setup_maxmind('yes', root, download_tool)
- except (subprocess.CalledProcessError, OSError) as e:
- print(uncaught_exception_message.format(exception_type=type(e).__name, download_tool=download_tool), file=sys.stderr)
- exit(1)
- except Exception as e:
- print(unexpected_exception_message.format(exception_type=type(e).__name__), file=sys.stderr)
- exit(1)
-
_postinstall.exec_psql('N/A', 'N/A', '--version')
TESTS
@@ -204,11 +181,6 @@ cat <<- EOF > "$ROOT_DIR/defaults.json"
"Password for database server admin": "${TO_PASSWORD}",
"config_var": "pgPassword",
"hidden": true
- },
- {
- "Download Maxmind Database?": "no",
- "config_var": "maxmind",
- "hidden": false
}
],
"/opt/traffic_ops/app/conf/cdn.conf": [
diff --git a/traffic_ops/traffic_ops_golang/config/config_test.go b/traffic_ops/traffic_ops_golang/config/config_test.go
index bfb5d27..71349d2 100644
--- a/traffic_ops/traffic_ops_golang/config/config_test.go
+++ b/traffic_ops/traffic_ops_golang/config/config_test.go
@@ -139,9 +139,6 @@ const (
"secrets" : [
"mONKEYDOmONKEYSEE."
],
- "geniso" : {
- "iso_root_path" : "/opt/traffic_ops/app/public"
- },
"inactivity_timeout" : 60
}
`